Oracle is planning to ship 14 patches related to Java SE on Tuesday, including a number with the highest level of severity under the CVSS (common vulnerability scoring system) framework, according to a pre-release announcement on the company's website.

The patch batch is aimed at security weaknesses in a number of products, including JDK and JRE 7 Update 4 and earlier; JDK and JRE 6 Update 32 and earlier; and JavaFX version 2.1 and earlier, according to the announcement.

A dozen of the 14 fixes can be exploited by an attacker remotely, with no username or password required, Oracle said. A number of the weaknesses have a CVSS base score of 10.0, the highest possible, but Oracle didn't provide further specifics.

Oracle delivers Java SE patches on a quarterly basis, but on a different schedule than fixes for its other applications and middleware products.

The last Java SE patch release, which was delivered in February, also included 14 fixes.